Flylib.com

Books Software

 
 
 

Category list


Similar pages

It s On By Default


Buy on amazon.com >>
Robinson E. Bond M.J
    << Previous page
    Table of contents
    Next page >>

    It’s On By Default

    Because your Visual Basic .NET application is typically made up of calls to Visual Basic .NET–provided functions and methods such as FileOpen , Kill , Shell , and Show , all these functions internally check to see whether your code has sufficient permissions to perform the requisite action. If sufficient permissions have not been granted by the .NET code-access security system, a security exception is thrown and the action is not taken. There is nothing you need to do to turn on code-access security in your Visual Basic .NET application. It’s on by default.



    Security Features and the Visual Basic .NET Developer

    If you’re developing applications or components that are intended to be run from environments such as a local network environment (intranet) or the Internet, you might find that your application doesn’t run as expected in those environments. For example, certain Visual Basic .NET statements might lead to security exceptions that immediately halt execution of your application. This chapter shows how you can work with the .NET code-access security system to create an application that is both safe and functional.

    Note 

    If you’re creating a system component on the order of the .NET system libraries—such as the Microsoft.VisualBasic , System.Web , and System.Windows.Forms components, which are globally registered on the system—you’ll need to apply more advanced code- access security techniques to make your global system component both accessible and safe to all untrusted callers . These techniques— such as applying the AllowPartiallyTrustedCallers attribute, supplying custom evidence, and knowing when to properly use Demand , LinkDemand , and Assert— are beyond the scope of this chapter, not to mention the scope of this book. If you head down the path of applying the AllowPartiallyTrustedCallers attribute, for example, you are effectively telling the code-access security system you will be responsible for protecting all code within your application. Before you decide to take on this added responsibility, you might want to reconsider whether you need a system component in the first place. In most cases, it’s simpler to create a non-system component—the type of class library components Visual Basic .NET creates by default—and distribute the component with each application, which the Visual Basic .NET Deployment Wizard will handle for you automatically. This chapter focuses on ways you can work within the context of the code- access security system provided by Visual Basic .NET to make your ordinary, non-system components and applications perform their intended actions safely.



    Code-Access Security vs. Application Role-Based Security

    The main difference between code-access security and application-defined role-based security, as presented in Chapter 2, is that code-access security is enforced by the system (namely the .NET runtime), whereas role-based security is implemented by you in your code. Code-access security allows no choice (which is a good thing in this case)—that is, the system automatically determines what your code is allowed to do. Role-based security, on the other hand, is all about choice. You get to choose whether you need to implement role- based security in your application, as well as the extent to which it will be applied throughout your application, if at all.

    Code-Access Security Preempts Application Role-Based Security

    Code-access security permissions are evaluated independent of application role-based security permissions. To illustrate the relationship between the two types of security, let’s use an example of attempting to take luggage on an airplane. You get to choose the size, shape, and color of the luggage you want to take on a trip. For example, suppose you choose to take a big, yellow suitcase on a business trip. Because the suitcase contains important documents, you decide to carry it with you on the airplane. Your choice of what you want to do with your suitcase ends as soon as you get to airport security. You find that after much force and ingenuity you can’t cram your suitcase through the tiny opening into the X-ray machine. Security personnel quickly step in and point out that because of size restrictions you are not permitted to carry your suitcase onto the airplane. You pull out your business card, present it to the security guard, and explain that you are the president of an important software start-up company. This only serves to infuriate the security guard, who promptly hauls you and your luggage back to the lobby. Defeated, you check in your suitcase at the check-in counter. Your role as president of an important company did nothing to change or preempt the rules that apply to everybody.

    Code-access security controls your code much like airport security controls what is allowed to be carried on board an airplane. For example, if your application is not permitted to create a file on disk, the code-access security system will refuse to allow your application to write to disk. A security exception will occur and your application will be halted much like the passenger who is halted and sent back from the airport security checkpoint. The operation will not be allowed no matter who is granted permission by your application’s role- based security system to save the file to disk—even if that person, the president of an important start-up company, was granted the permission by your role- based security model.

    It’s possible to make exceptions to the rules. For example, if the head of the United Nations wanted to pass a big, yellow suitcase through security, an exception could be made to allow him to pass through. See Chapter 10 for more information on modifying and deploying security policy updates.

    start sidebar
    OS Security Restrictions Preempt Everything

    Operating System (OS) security restrictions define the final set of permissions your application will need to anticipate and contend with. For example, you might define a role in your application, such as account manager, and give that role permission to save management reports to disk. In addition, your application, from a code-access standpoint, might be granted full access rights to perform Visual Basic .NET operations, such as Print #1 to write a management report file to disk. However, depending on where the file is saved on the disk, the operating system might deny the operation. If the account manager attempts to save to a file folder she does not have access to—based on operating system file-folder permissions—the operation will be denied and an error will be generated when the code is executed. Figure 3-1 illustrates how an attempt to perform some action, such as writing to a file, must pass through several security checks. Microsoft Windows security gives the final thumbs-up or thumbs-down on whether to perform the attempted action.

    click to expand
    Figure 3-1: An attempt to perform an action must pass through several security checks

    end sidebar

    In terms of code-access security, what are determining factors in what your code is allowed to do? You might be surprised to find that your Visual Basic .NET application that runs fine on your local computer terminates with a security exception when deployed and run from a server or from the Internet. We’ll see in the next section that the actions your Visual Basic .NET code is allowed to perform are largely determined by the environment in which your code is run.



    Buy on amazon.com >>
    Robinson E. Bond M.J
      << Previous page
      Table of contents
      Next page >>

      Similar products

       
      flylib.com © Copyright 2008-2013. All Rights Reserved.
      if you may any questions please contact us: flylib@qtcs.net
      Privacy policy